[PATCH] certs: always use secondary keyring first if possible

From: Dave Young
Date: Fri Nov 17 2017 - 23:47:35 EST

Next message: Kees Cook: "Re: [nfsd4] potentially hardware breaking regression in 4.14-rc and 4.13.11"
Previous message: Serge E. Hallyn: "Re: [PATCH v2 12/15] ima: do not update security.ima if appraisal status is not INTEGRITY_PASS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Commit d3bfe84129f6 introduced secondary_trusted_keys keyring, current
users of verify_pkcs7_signature are below:
net/wireless/reg.c : uses its own trusted_keys
kernel/module_signing.c : pass NULL trusted_keys
crypto/asymmetric_keys/verify_pefile.c : pass NULL trusted_keys

For both module and pefile verification, there is no reason to use builtin
keys only. Actually in Fedora kernel module signing code passes 1UL, but
kexec code does not pass 1UL for pefile verification thus we have below bug
https://bugzilla.redhat.com/show_bug.cgi?id=1470995

Drop the hard code 1UL checking so that pefile verification can use
secondary keyring as well.

Signed-off-by: Dave Young <dyoung@xxxxxxxxxx>
---
certs/system_keyring.c | 2 --
1 file changed, 2 deletions(-)

--- linux-x86.orig/certs/system_keyring.c
+++ linux-x86/certs/system_keyring.c
@@ -229,8 +229,6 @@ int verify_pkcs7_signature(const void *d
goto error;

if (!trusted_keys) {
- trusted_keys = builtin_trusted_keys;
- } else if (trusted_keys == (void *)1UL) {
#ifdef CONFIG_SECONDARY_TRUSTED_KEYRING
trusted_keys = secondary_trusted_keys;
#else

Next message: Kees Cook: "Re: [nfsd4] potentially hardware breaking regression in 4.14-rc and 4.13.11"
Previous message: Serge E. Hallyn: "Re: [PATCH v2 12/15] ima: do not update security.ima if appraisal status is not INTEGRITY_PASS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]